One of the best ways to avoid fraud is to stay current on the latest scams that are circulating. Check this page on a regular basis to remain up to date as we will post alerts and information on recent scams and what actions you can take to protect yourself. You can also find the latest information on current scams at the website of the Federal Trade Commission.
Please be advised of a major data breach that was announced recently.
On September 7, 2017, Equifax announced a major data breach of its records that occurred from mid-May 2017 through July 2017. Equifax has found no evidence of unauthorized activity on the accounts in question, however, the breach may potentially affect 143 million U.S. consumers. Equifax reports that hackers had access to names, Social Security numbers, birth dates, addresses and driver’s license numbers, as well as credit card numbers and other documents with personal identifying information.
Frequently Asked Questions
How can I find out if my information was compromised?
What should I do if my information was compromised:
Whether your information was compromised or not, active monitoring of your credit profile and your bank accounts is always a good idea. Consider using an identity theft protection service. Equifax is offering a 12 month free subscription through TrustedID Premier.
Report any suspicious transactions/account activity immediately. A free copy of your credit report can be obtained once every 12 months from each of the 3 major credit reporting agencies (Equifax, Experian and TransUnion) at www.annualcreditreport.com.
I’ve been hearing about the Equifax breach in the news. What happened?
Equifax, one of the three major credit bureaus, experienced a massive data breach. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people.
Was my information stolen?
If you have a credit report, there’s a good chance it was. Go to a special website set up by Equifax to find out: https://www.equifaxsecurity2017.com/. Scroll to the bottom of the page and click on “Potential Impact,” enter some personal information and the site will tell you if you’ve been affected. Be sure you’re on a secure network (not public wi-fi) when you submit sensitive data over the internet.
How can I protect myself?
Enroll in Equifax’s services.
Equifax is offering one year of free credit monitoring and other services, whether or not your information was exposed. You can sign up at https://www.equifaxsecurity2017.com/.
Monitor your credit reports.
In addition, you can order a free copy of your credit report from all three of the credit reporting agencies at annualcreditreport.com. You are entitled to one free report from each of the credit bureaus once per year.
Monitor your bank accounts.
We also encourage you to monitor your financial accounts regularly for fraudulent transactions. Use online and mobile banking to keep a close eye on your accounts.
Watch out for scams related to the breach.
Do not trust e-mails that appear to come from Equifax regarding the breach. Attackers are likely to take advantage of the situation and craft sophisticated phishing e-mails.
Should I place a credit freeze on my files?
Before deciding to place a credit freeze on your accounts, consider your personal situation. If you might be applying for credit soon or think you might need quick credit in an emergency, it might be better to simply place a fraud alert on your files with the three major credit bureaus. A fraud alert puts a red flag on your credit report which requires businesses to take additional steps, such as contacting you by phone before opening a new account.
How do I contact the three major credit bureaus to place a freeze on my files?
Equifax: Call 800-349-9960 or visit its website.
Experian: Call 888-397-3742 or visit its website.
TransUnion: Call 888-909-8872 or visit its website.
Where can I get more information about the Equifax breach?
You can learn more directly from Equifax at https://www.equifaxsecurity2017.com/. You can also learn more by visiting the Federal Trade Commission’s web page on the breach at https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. To learn more about how to protect yourself after a breach, visit https://www.identitytheft.gov/Info-Lost-or-Stolen.
Over the past week, a new widespread ransomware attack (called “Petya”) began to disrupt businesses functions throughout Europe and the United States. When a system becomes infected, a message appears on a black screen stating the following. “If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are looking for ways to recover your files but don’t waste your time. Nobody can recover you files without our decryption service.” A message then appears asking for $300 dollars -worth of bitcoin currency.
The Petya Ransomware has been spreading through systems that are not kept up to date via the latest patches provided by Microsoft, as well as via phishing emails. Industries that have been targeted thus far have included banks, power companies, airports, public transit, hospitals, and more.
What does this mean for you:
Please be cautious with email. If you are unsure of whether or not an email is from a legitimate source, please do not click on any links within these emails. Please be sure your computer is running an up-to-date antivirus program.
Please be aware that there is a new active email campaign targeting BankNewport customers.
The email looks to be from BankNewport (see below for email example - note the circled email address), however, the email was NOT sent by BankNewport and customers should not respond to it, click on the link within the email, or enter his/her credentials.
If you have clicked on the link below and entered your credentials, please log in to your electronic banking account to change both your username and password immediately and contact customer service at 401.845.2265 (Toll Free: 877.709.2265).
In a recent article published by Insurance Thought Leadership, a warning was issued regarding a new cyber-attack. The attack is referred to as Angler Phishing. This attack utilizes social media as weapon, as cyber criminals create fake customer service accounts in an effort to attack customers. The cyber criminal monitors a real company customer service account, posting similar content, however, the cyber criminals content contains malicious links that may install malware or redirect the customer to an alternative website. Once on this website the cyber criminal will then instruct the user to enter their login credentials or personal information.
Click here to view the full alert.
In a recent alert the FTC warns consumers of a Yahoo customer service scam. If you wish to contact Yahoo customer care there are many ways to do so, however, telephone is not one of them. Any phone number for Yahoo customer care you might find online is fake. The fake telephone number that is provided online offers customer care, for a fee.
In reality, Yahoo offers customer care free of charge. Customers will never have to pay for any technical support needs, such as resetting your password, or help with security concerns. Yahoo will also never remotely connect to your computer for any support-related requests.
Click here to view the full FTC alert.
The U.S. Department of Homeland Security and the U.S. Computer Emergency Readiness Team (US-CERT) has released a statement reminding individuals to remain vigilant when browsing or shopping online this holiday season.
Click here for more information regarding actions you can take to avoid these scams.
Have you gotten a call recently from someone claiming to be from the IRS?
Please keep in mind, if the IRS needs to contact you they will do so by mail first. The IRS will never demand personal information like credit card or Social Security numbers over the phone. The IRS will never threaten to arrest or sue you, demanding that you pay right away. They will not tell you to use a specific payment method like money transfer from MoneyGram or Western Union. These individuals who are claiming to be the IRS are fraudsters, seeking to steal information and money from you.
If you or someone you know receives a call like this, report it the FTC and the Treasury Inspector General for Tax Administration (TIGTA). Include the caller’s phone number, along with any details you have. If you’re not sure whether a call is really from the IRS, you can double-check by calling the IRS directly at 1-800-829-1040. For more, check out this IRS imposter scams infographic.
According to Symantec, a cybersecurity company, millions of Americans are unaware of the inherent risks of using public Wi-Fi despite using it regularly.
- 87% of U.S. consumers have used public Wi-Fi, whether at a hotel or a local Starbucks
- More than 60% of consumers think their information is safe when using public Wi-Fi
- 50% of all consumers think they are responsible for securing their information
- 30% of all consumers think the responsibility falls on websites and the Wi-Fi company
Never use public Wi-Fi to access banking information, as all of this information could be stolen in an instant if the Wi-Fi system is unsecure.
The only way to truly protect yourself is through a Virtual Private Network (VPN) connection. VPN offers a secure, encrypted connection that acts as a secure funnel for all of the information you are accessing on your computer to pass through. Setting up a VPN can be as easy as downloading an app on your phone and following your smartphones installation instructions.
Click here to read the full article.
Have you received a mailer promising mortgage relief via a lawsuit against banks and lenders? The FTC in a recent alert, has alerted consumers of various empty promises. The FTC has filed charges against Brookstone Law and Advantis Law for defrauding people in financial distress. According to the FTC, these companies convinced people to pay at least $895 up front to join a mortgage fraud lawsuit against banks and lenders. Homeowners found out about this scheme through mailers which said the lawsuit would help them avoid foreclosure, get rid of their mortgage, or help them get money from their lenders.
The FTC says people who visited these law offices to have their mortgage papers “evaluated” were told they had a strong case. Many of them then paid upfront and recurring monthly fees. But the FTC says that most of the companies’ proposed lawsuits were flat out dismissed. And, in many instances, the companies never even added paying homeowners as plaintiffs to any case.
If you are struggling to pay your mortgage, a BankNewport mortgage lender for help.
Click here to check out the FTC Mortgage Relief Scam article for more information.
Scammers are using fake caller ID information to trick you into thinking they are a trusted source, such as a government agency, the police, or a company you might do business with. This practice is called caller ID spoofing. Do not rely on the caller ID to verify who is calling. It is nearly impossible to tell if caller ID information is real. The FTC has issued the following tips for handling these calls:
- If you get a strange call from the government, hang up. If you want to check it out, visit the official (.gov) website for contact information. Government employees won’t call out of the blue to demand money or account information.
- Don’t give out — or confirm — your personal or financial information to someone who calls.
- Don’t wire money or send money using a reloadable card. In fact, never pay someone who calls out of the blue, even if the name or number on the caller ID looks legit.
- Feeling pressured to act immediately? Hang up. That’s a sure sign of a scam.
In a recent FTC alert, a PayPal (an online payment system that supports online money transfers) spoofing scheme is highlighted. There have been three scenarios in which online sellers have fallen victim to fraudsters.
A buyer claims he can only pay via PayPal. Don’t have a PayPal account? Don’t worry he says he’ll send you an email with a setup link. What to do? Don’t click the link. Go to PayPal.com directly to setup accounts.
The buyer claims he has sent payment to your PayPal account with additional funds so you can ship the merchandise ASAP, but oops, he sent too much money. He asks you to return the extra money via a money wiring service. It’s all a lie, including the extra money the buyer says he included. What to do? Ensure you have been paid before you ship. Always log onto PayPal.com directly
The buyer sends you real money through a real PayPal account, and you ship him the car. Problem is, the PayPal account belongs to someone else! You might need to return the money even though the scammer has your wheels. What to do? Contact firstname.lastname@example.org and ask them to open an investigation. The company offers seller protections so you aren’t liable for unauthorized transactions.
Click here to view the full FTC alert.
The FBI has issued an alert about a fraud scam known as "Business E-mail Compromise" targeting businesses that regularly make wire transfers to foreign companies.
BankNewport confirmed it has identified that there was unauthorized access to some debit cards at four BankNewport ATMs during specific hours on certain dates. If you have not heard from us directly, your card was not impacted as part of this incident.
Impacted customers have already been notified based on date specific usage of their debit card at the Bank’s Barrington, East Greenwich, and Jamestown branch ATM machines, as well as the Middletown branch drive-up ATM.
BankNewport has worked closely with law enforcement in this matter, and it has confirmed that suspects have been apprehended – the suspects may also be connected to a number of recent illicit ATM skimming incidents at other financial institutions in Rhode Island.
Less than three percent of BankNewport ATM debit card holders were compromised.
Upon learning of the fraudulent ATM skimming activity, the Bank immediately closed all ATM debit cards of those customers impacted from the Barrington and Jamestown locations, as well as reached out to them by phone. Based on the specific information impacting the East Greenwich and Middletown locations, the Bank decided not to close the affected debit cards, but instead lower the affected debit card limits to minimize risk to customers, while concurrently notifying them by mail and immediately ordering replacement cards.
The Bank notified customers as a security precaution, and not as an indication of fraud on their account.
Our first priority is preserving the trust of our customers and we have moved decisively and quickly to address our customers’ needs. Please know that our customers will not be held financially responsible for any debit card fraud.
We take the crime of fraud very seriously. These incidents were crimes against our customers, as well as BankNewport. We regret any inconvenience this may have caused.
As always, customers who suspect unauthorized activity should contact BankNewport at 401-845-2265 option (0) or 1-877-709-2265 option (0) Monday through Thursday 8am-5pm, Friday 8am-6pm and Saturday 9am to Noon.
BankNewport is committed to providing you with a convenient, safe and secure banking experience. Currently we are experiencing an increase in fraudulent Visa Debit Card activity. In response to this increased fraud risk, we have temporarily placed limits on using your debit card for certain transactions and geographic locations. To prevent an interruption in your debit card access we advise you to contact the Bank at 401.845.2265 or 1.877.709.2265 prior to traveling and/or making major purchases.
Please note, BankNewport has tested and reviewed our systems, and we have determined that none of our systems is or ever was vulnerable to the Heartbleed Bug. It is safe for you to continue using our electronic services.
Your online security is always a priority. Given the recent news of the Heartbleed Bug, we want you to know what we're doing to protect your information.
What is the Heartbleed Bug?
The Heartbleed Bug is a coding flaw that has potentially exposed information on some web sites, including user names and passwords.
The best thing to do
Rest assured, BankNewport's website and Online Banking are not vulnerable to Heartbleed. However, it’s a good idea to change your password regularly. Beware of phishing scams – or e-mails with malicious links – that will attempt to get additional sensitive information from you. Also, monitor your account regularly and report suspicious transactions to the bank immediately.
Why you can feel confident
We're serious about security. Your online account with BankNewport is protected with a sophisticated information security program. Our multi-layered defense system consists of preventative, detective and response controls that help to keep your information safe.
If you have any further questions, please contact us at 401.845.2265 or 877.709.2265.
BankNewport has been made aware of a recent scam that is coming in the form of a text message. This type of attack is called SMS phishing and it is coming from 401.266.1676. The message reads:
BankNewport ALERT: Your Debit/Card has been temporarily *DEACTIVATED*. Please call our 24hrs line (401) 305-2320.
Please be aware that this is NOT a valid BankNewport message. Customers will not receive text message alerts from BankNewport unless they have opted into this feature. Also, text message alerts from BankNewport are informational only, and you will never be asked to contact us.
Please be advised of an active vishing (voice phishing) campaign affecting people in the New England area.
Residents of the area are receiving an automated phone call claiming their debit card has been breached. The person is instructed to enter their debit card number, PIN, and sometimes other sensitive information.
This is a scam that has been seen before in the New England area in the recent past. Based on what we are seeing now, this appears to be a fairly common, run-of-the-mill vishing campaign.
The fraudsters will cast a wide net, calling as many households as possible in an effort to trick as many people as possible. At this time we do not have any indication as to how widespread this campaign may become but it is important to exercise the following recommendations:
If you believe you might have revealed sensitive information, call BankNewport at 1.401.845.2265 immediately.
Microsoft will discontinue extended support for XP effective April 8, 2014. After this date, Microsoft will no longer provide regular security patches, technical assistance, or support for XP.
If you are still using XP, your machine could be exposed to increased risk. It is not recommended that you use any machine with an outdated operating system to access or store personal information, including your online banking.
For more information on how to upgrade, please click here to be directed to Microsoft's website.